JMOT

v0.3a1.dev3 suspicious
6.0
Medium Risk

Juno New Origin Monitor Operation System written in Python

🤖 AI Analysis

Final verdict: SUSPICIOUS

The package exhibits high obfuscation and metadata risks, particularly concerning the use of eval and potential typosquatting. While it doesn't clearly indicate credential theft or active malicious network activity, the overall pattern suggests a need for caution.

  • High obfuscation risk due to use of eval
  • Potential typosquatting targeting 'moto'
Per-check LLM notes
  • Network: No network calls detected, which is normal and does not indicate any risk.
  • Shell: Shell execution patterns observed may be intended for installing dependencies but could potentially be exploited for unintended actions.
  • Obfuscation: The use of eval with string formatting is suspicious and may indicate an attempt to obfuscate code execution logic.
  • Credentials: No clear patterns indicative of credential harvesting were detected.
  • Metadata: The package shows signs of potential typosquatting and lacks credible maintainer information.
  • Typosquatting target: moto

🔬 Heuristic Checks

Outbound Network Calls

No suspicious network call patterns found

Code Obfuscation score 2.0

Found 1 obfuscation pattern(s)

  • if version and not eval(f"'{version}' {version_spec}"): _instal
Shell / Subprocess Execution score 4.0

Found 2 shell execution pattern(s)

  • if version_spec: subprocess.check_call([sys.executable, "-m", "pip", "install", f"{package_name}{ve
  • ) else: subprocess.check_call([sys.executable, "-m", "pip", "install", package_name])
Credential Harvesting

No credential harvesting patterns detected

Typosquatting score 3.0

Possible typosquat of: moto

  • "JMOT" is 2 edit(s) from "moto"
Registered Email Domain score 3.0

Suspicious email domain flags: Very short email domain: qq.com>

  • Very short email domain: qq.com>
Suspicious Page Links

All external links appear legitimate

Git Repository History

No GitHub repository linked

  • No GitHub repository link found
Maintainer History score 4.0

2 maintainer concern(s) found

  • Author name is missing or very short
  • Author "" appears to have only 1 package on PyPI (new or inactive account)
Known CVE Vulnerabilities

No known vulnerabilities found in OSV database.

💡 AI App Starter Prompt

Use this prompt to build a project with JMOT 
Develop a comprehensive monitoring tool using the 'JMOT' package in Python. Your task is to create a mini-application named 'JunoWatch' which will serve as an all-in-one system monitor for Linux environments. This tool should not only display real-time system metrics but also provide historical data analysis and alert functionalities. Here are the key steps and features you need to implement:

1. **System Metrics Monitoring**: Use JMOT to fetch and display CPU usage, memory usage, disk I/O, network traffic, and process information in real-time.
2. **Data Logging**: Implement a feature where the collected system metrics are logged into a database or file for future reference.
3. **Historical Data Analysis**: Develop a module that allows users to analyze past system performance data through graphical representations such as line charts and bar graphs.
4. **Alert System**: Integrate an alert system that sends notifications via email or SMS when certain thresholds of system performance are exceeded.
5. **User Interface**: Create a simple yet effective command-line interface (CLI) for interacting with the tool. Consider adding options for configuring alert thresholds and viewing logs.
6. **Documentation**: Provide detailed documentation on how to install and use JunoWatch, including setup instructions and examples of common tasks.

Throughout the development process, ensure that you leverage the core functionalities of the JMOT package to streamline the implementation of these features. Pay special attention to the efficiency and reliability of your code to make JunoWatch a robust and user-friendly tool.